fs: move name_contains_dotdot() to header

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Move the helper from the firmware specific code to a header so we can
reuse it for coredump sockets.

Link: https://lore.kernel.org/20250612-work-coredump-massage-v1-5-315c0c34ba94@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>

Christian Brauner 9 months ago 0da3e382 3a2c977c

+27 -20

2 changed files

expand all

drivers

base

firmware_loader

main.c

include

linux

fs.h

+11 -20

drivers/base/firmware_loader/main.c

··· 822 822 {} 823 823 #endif 824 824 825 - /* 826 - * Reject firmware file names with ".." path components. 827 - * There are drivers that construct firmware file names from device-supplied 828 - * strings, and we don't want some device to be able to tell us "I would like to 829 - * be sent my firmware from ../../../etc/shadow, please". 830 - * 831 - * Search for ".." surrounded by either '/' or start/end of string. 832 - * 833 - * This intentionally only looks at the firmware name, not at the firmware base 834 - * directory or at symlink contents. 835 - */ 836 - static bool name_contains_dotdot(const char *name) 837 - { 838 - size_t name_len = strlen(name); 839 - 840 - return strcmp(name, "..") == 0 || strncmp(name, "../", 3) == 0 || 841 - strstr(name, "/../") != NULL || 842 - (name_len >= 3 && strcmp(name+name_len-3, "/..") == 0); 843 - } 844 - 845 825 /* called from request_firmware() and request_firmware_work_func() */ 846 826 static int 847 827 _request_firmware(const struct firmware **firmware_p, const char *name, ··· 842 862 goto out; 843 863 } 844 864 865 + 866 + /* 867 + * Reject firmware file names with ".." path components. 868 + * There are drivers that construct firmware file names from 869 + * device-supplied strings, and we don't want some device to be 870 + * able to tell us "I would like to be sent my firmware from 871 + * ../../../etc/shadow, please". 872 + * 873 + * This intentionally only looks at the firmware name, not at 874 + * the firmware base directory or at symlink contents. 875 + */ 845 876 if (name_contains_dotdot(name)) { 846 877 dev_warn(device, 847 878 "Firmware load for '%s' refused, path contains '..' component\n",

+16

include/linux/fs.h

··· 3264 3264 (len == 1 || (len == 2 && name[1] == '.')); 3265 3265 } 3266 3266 3267 + /** 3268 + * name_contains_dotdot - check if a file name contains ".." path components 3269 + * 3270 + * Search for ".." surrounded by either '/' or start/end of string. 3271 + */ 3272 + static inline bool name_contains_dotdot(const char *name) 3273 + { 3274 + size_t name_len; 3275 + 3276 + name_len = strlen(name); 3277 + return strcmp(name, "..") == 0 || 3278 + strncmp(name, "../", 3) == 0 || 3279 + strstr(name, "/../") != NULL || 3280 + (name_len >= 3 && strcmp(name + name_len - 3, "/..") == 0); 3281 + } 3282 + 3267 3283 #include <linux/err.h> 3268 3284 3269 3285 /* needed for stackable file system support */